Last week, the drugstore chain Rite Aid confirmed it suffered a “cybersecurity incident” in June, which resulted in a data breach. This week, Rite Aid followed up its announcement by revealing that 2.2 million customers were impacted by the breach.
As reported by Bleeping Computer, Rite Aid filed notices with the Office of the Maine Attorney General to inform customers of the cyberattack. As the notice explains, “an unknown third party impersonated a company employee to compromise their business credentials and gain access to certain business systems” on June 6, 2024. Rite Aid detected the breach within 12 hours of the attack and began working to terminate the unauthorized access.
“We determined by June 17, 2024, that certain data associated with the purchase or attempted purchase of specific retail products was acquired by the unknown third party,” the retailer said in the notice letters being sent to customers. “This data included purchaser name, address, date of birth and driver’s license number or other form of government-issued ID presented at the time of a purchase between June 6, 2017, and July 30, 2018.”
While Rite Aid has yet to confirm the identity of its attacker, Bleeping Computer reports that the ransomware group RansomHub has claimed responsibility. On their dark web site, the hacking group revealed that they “obtained over 10 GB of customer information equating to around 45 million lines of people’s personal information.”
Tech. Entertainment. Science. Your inbox.
Sign up for the most interesting tech & entertainment news out there.
Email: SIGN UP
By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.
Thankfully, Rite Aid says financial information, Social Security numbers, and health details were not stolen in the attack. What was stolen will soon be making the rounds online, though, as Rite Aid apparently cut off ransom negotiations with the hackers. On July 11, RansomHub posted a two-week countdown for the release of the stolen data.
If you are one of the millions of customers impacted by the massive data breach, you can sign up for identity monitoring from Kroll courtesy of Rite Aid.
The post 2.2 million Rite Aid customers were hacked in June data breach appeared first on BGR.